package cn.com.backstage.controller;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

import cn.com.api.entity.*;
import cn.com.api.service.*;
import cn.com.util.DateUtil;
import cn.com.util.Tools;
import cn.com.util.*;

@Controller
@RequestMapping(Utils.SYS_BACKSTAGE)
public class UserController {

	private static Logger logger = Logger.getLogger(UserController.class);

	@Autowired
	private ApiT_user_adminService apiT_user_adminService;
	@Autowired
	private UserService userService;
	@Autowired
	private ApiT_user_roleService apiT_user_roleService;
	@Autowired
	private ApiT_user_role_actionService apiT_user_role_actionService;
	@Autowired
	private ApiT_user_actionService apiT_user_actionService;
	
	@Transactional
	@RequestMapping(value = "login", method = RequestMethod.POST)
	public ModelAndView login(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		ModelAndView mv = new ModelAndView("redirect:/backstage/login.jsp");
		String user_name = request.getParameter("username");
		String password = request.getParameter("password");
		password = Tools.toMD5(Tools.RmFilter(request.getParameter("password")));
		//System.out.println(userid + "---" + password);
		
		try
		{
			List<ApiT_user_admin> users = apiT_user_adminService.findT_user_adminsByUser_name(user_name);
			ApiT_user_admin user = null;
			for(ApiT_user_admin cur_user : users){
				if(cur_user.getPassword().equalsIgnoreCase(password)){
					user=cur_user;
					
					//更新最后登陆时间
					cur_user.setLast_login(DateUtil.nowTimeToString());
					apiT_user_adminService.updateT_user_admin(cur_user);
					
					break;
				}
			}
			
			if (user != null) {
				try{
					//用户 权限
				    List<ApiT_user_role_action> actions  =	apiT_user_role_actionService.findT_user_role_actionsByRole_id(user.getRole_id().toString());
					String action_list = "";
				    for(ApiT_user_role_action action : actions){
						ApiT_user_action _action  = apiT_user_actionService.findT_user_actionById(action.getAction_id());
						
						action_list = action_list.concat(","+ _action.getModule_code()+"￥"+_action.getAction_code());
					}
					user.setAction_list(action_list);
				}catch(Exception e){}
				//
				request.getSession().setAttribute("user_admin", user);
				// System.out.println("---" + user.getC_userid());
				mv = new ModelAndView("redirect:/backstage/index.jsp");
				ApiT_user_admin admin = (ApiT_user_admin) request.getSession().getAttribute("user_admin");
				mv.addObject("user_admin",admin);
			} else {
				mv = new ModelAndView("redirect:/backstage/login.jsp");
			}
		}
		catch(Exception e){
			logger.error(e);
			e.printStackTrace();
		}
		
		return mv;
	}

	/**
	 * 管理员注销
	 * 
	 * @return
	 */
	@Transactional
	@RequestMapping(value = "logout")
	public ModelAndView logout(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		
		ModelAndView mv = new ModelAndView("redirect:/backstage/login.jsp");
		try
		{
			ApiT_user_admin staff = (ApiT_user_admin) request.getSession().getAttribute("user_admin");
			logger.info("用户退出系统:username=" + staff.getUser_name());
			request.getSession().invalidate();
			
		}catch(Exception e){
			logger.error(e);
			e.printStackTrace();
			
			request.getSession().invalidate();
		}
		return mv;
	}

	/**
	 * 进入修改密码界面
	 * 
	 * @return
	 */
	@Transactional
	@RequestMapping(value = "password")
	public ModelAndView password(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		ModelAndView mv = new ModelAndView(
				"forward:/views/backstage/password.jsp");
		return mv;
	}

	/**
	 * 修改密码
	 * 
	 * @return
	 */
	@Transactional
	@RequestMapping(value = "updatePassword")
	public ModelAndView updatePassword(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		String password = request.getParameter("password");
		String password1 = request.getParameter("password1");
		User staff = (User) request.getSession().getAttribute("user");
		ModelAndView mv = new ModelAndView(
				"forward:/views/backstage/password.jsp");
		if (!staff.getC_password()
				.equals(Tools.toMD5(Tools.RmFilter(password)))) {
			mv.addObject("msg", "您输入的原密码错误，请重新输入！");
		} else {
			staff.setC_password(Tools.toMD5(Tools.RmFilter(password1)));
			// userService.update(staff);
			mv.addObject("msg", "密码修改成功！");
		}
		return mv;
	}

	/**
	 * 回到首页
	 * 
	 * @return
	 */
	@Transactional
	@RequestMapping(value = "homepage")
	public ModelAndView homepage(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		ModelAndView mv = new ModelAndView("forward:/backstage/index.jsp");
		return mv;
	}
}
